Anti-Threat Toolkit can detect various kinds of malware, from viruses and trojans to rootkits, rogue programs and spyware. A fix may include the restoration of system policies and Registry settings that were changed by malware.

Very nice set of tools, thank you for the links. I was starting to miss Trend Micro's old Sysclean package that I used to clean client machines with years ago. And now with Trend Micro's detection rates up again these days, it's great to have these small (free) scanners that can be run from a USB drive and so on. Awesome!

Housecall uses a different and much smaller virus signature (pattern) file, which you also get if you click on your link and go to "Clean ZBot and Cryptolocker infection using ATTK". The pattern file is named icrc$oth.xxx (x being numbers) and is approx. 35-40 MB in size. So Housecall is comparable to that, which I think they refer to as a specific threat cleaner. Now the main scanner from your link, when you go to "Clean infected computers", loads their main, larger virus signature (pattern) file, named lpt$vpn.xxx (x being numbers), approx. 70+ MB, and that is similar to their old Sysclean package and realtime scanners. I have no idea why the difference between the signature files though. I'm guessing one is a broader range while the other may be a more specialized one to focus on more common/current threats.

So to sum it up, THREAT_CLEAN_64.exe from your link is basically an offline version of Housecall. All of the internals are comparable, with the exception of a few visual differences to the GUI design of course.

EDIT: Here is the info I was able to dig up on differences between Trend pattern files.

lpt$vpn.xxx Enterprise Pattern
The Official Pattern Release or OPR is Trend Micro's latest compilation of patterns for identified viruses. It is guaranteed to have passed a series of critical tests to ensure that customers get optimum protection from the latest virus threats.

icrc$oth.xxx Smart Scan Agent Pattern
These patterns are used by Trend Micro products that include the Smart Scan feature. The "Smart Scan Agent Pattern" resides on the users’ local client workstation.

So it seems that the Trend products (e.g. Housecall, THREAT_CLEAN_64.exe) that use Smart Screen patterns (icrc$oth.xxx) must also get some extra assistance from the cloud, while Trend's main offline scanner from your link (attk_ScanCleanOffline_gui_x64.exe) utilizes the full virus signature patterns (lpt$vpn.xxx) and does not need extra assistance from the cloud. This is similar to their old Sysclean package; some of their real-time solutions also use full virus sigs (lpt$vpn.xxx), but I'm assuming for the consumer products it may be an option to enable/disable.

I remember with the old Sysclean package you could also use dozens of command line parameters with it which was great. I don't think that is possible with these new tools though unfortunately. But these new tools are great.

I have cleaned a few client systems in the past few days successfully and with ease thanks to your suggestion of these tools from Trend Micro, and I thank you for creating this thread here. Naturally, since these systems were clearly infected, I opted to sever the Internet connection prior to cleaning and of course needed the Offline options for these particular use cases. However, if just using it as a second-opinion scanner, I can understand your suggestion of using the Online packages. Although I am curious, why do you suggest the Online ones? Is it because it can potentially use newer definitions from the Trend servers and such?

I also noted during these recent client system cleanings that in the package "with Cleanboot" or something like that, the definitions provided in the package were nearly a year old. So it seems that Trend doesn't necessarily update these packages too often. So I suppose that is all the more reason to use the Online packages as you suggest. The Cleanboot option would have been great since it creates a bootable environment to scan/clean the system prior to Windows booting up and running. I also noted that I was able to squeeze in the most recent (and proper matching) virus definition files and cleanup patterns from Trend's site as well, manually. Although at that point I had already done the final cleaning scan with Kaspersky's most recent AVP Tool. Trend's Offline package did the initial cleaning though. I'm looking into finding better ways of using these tools from Trend as well by extracting to USB, updating definitions and so on. No idea if it is technically legal or not though. Not reverse engineering or anything like that though, of course. It's really quite simple and basic methods I am using.

I indeed suggested "Clean infected computers - Online Scan" because of the possibility of newer definitions from the Trend servers.

If it's not possible or desired to have Internet access, then I recommend trying "Clean infected computers - Offline Scan". This might be out of date though; as of yesterday the download was dated Sept. 17, 2014.

"Clean MBR and Rootkit infection using ATTK with Cleanboot" might be a superset of "Clean infected computers", but as you noted its definitions and software are currently quite old. Thank you for noting that there are technical means of integrating newer definitions into "Clean MBR and Rootkit infection using ATTK with Cleanboot".